Some time ago Anker's Eufy surveillance camera was criticized for not protecting user privacy, namely uploading video footage to the cloud without user permission.
Is a security consultant Paul Moore who found these loopholes. But the biggest problem is not that, but videos uploaded by Eufy camera users can be accessed via media players such as VLC, without any restrictions.
At that time, Anker insisted that Eufy's cameras use end-to-end encryption, then the videos recorded are only stored locally and can only be sent to other devices on the same network.
Now, months after being heavily criticized, Anker finally admits that the recorded video from Eufy is not encrypted. They have now fixed the issue by updating all Eufy cameras to use the WebRTC API to encrypt videos using AES and RSA algorithms.
"Now all videos (both live and recorded) that users send to the Eufy Security Web portal or the Eufy security application are equipped with end-to-end encryption using the AES and RSA algorithms," said Eric Villines, Head of Global Communications at Anker.
By encrypting the video, the recorded content can no longer be watched freely using third-party media player applications, for example VLC.
They also apologized publicly for not being transparent when dealing with these security issues. Anker also admitted that he hired an independent security audit company to improve the security of Eufy's products, we were quoted as saying from GSM Arena, Friday (3/2/2023).